Vulnerability Description
Hummingbird FTP for Connectivity 10.0 uses weak encryption (trivial encoding) to store the user's password in the FTP profile, which allows attackers to gain privileges.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hummingbird | Connectivity | 10.0 |
References
- http://archives.neohapsis.com/archives/bugtraq/2005-08/0219.htmlVendor Advisory
- http://secunia.com/advisories/16430Vendor Advisory
- http://www.osvdb.org/18734
- http://www.securityfocus.com/bid/14559
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21811
- http://archives.neohapsis.com/archives/bugtraq/2005-08/0219.htmlVendor Advisory
- http://secunia.com/advisories/16430Vendor Advisory
- http://www.osvdb.org/18734
- http://www.securityfocus.com/bid/14559
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21811
FAQ
What is CVE-2005-2599?
CVE-2005-2599 is a vulnerability with a CVSS score of 7.5 (HIGH). Hummingbird FTP for Connectivity 10.0 uses weak encryption (trivial encoding) to store the user's password in the FTP profile, which allows attackers to gain privileges.
How severe is CVE-2005-2599?
CVE-2005-2599 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-2599?
Check the references section above for vendor advisories and patch information. Affected products include: Hummingbird Connectivity.